为什么websocket需要使用HTTP进行开放式握手?为什么不能成为独立协议? [英] Why websocket needs an opening handshake using HTTP? Why can't it be an independent protocol?
问题描述
Websocket的设计方式是,使其握手成为有效的HTTP升级请求,从而使其服务器可以与HTTP服务器共享端口.
我对这种设计理念有疑问. 无论哪种方式,WebSocket协议都是独立的基于TCP的协议.
I have a doubt in this design philosophy. Any ways the WebSocket Protocol is an independent TCP-based protocol.
为什么我们需要此HTTP握手(升级请求)和协议切换.相反,为什么我们不能直接(独立地)遵循类似协议的websocket?
Why would we need this HTTP handshake(upgrade request) and a protocol switching. Instead why can't we directly(& independently) follow a websocket like protocol?
推荐答案
The WebSocket Protocol attempts to address the goals of existing
bidirectional HTTP technologies in the context of the existing HTTP
infrastructure; as such, it is designed to work over HTTP ports 80
and 443 as well as to support HTTP proxies and intermediaries, even
if this implies some complexity specific to the current environment.
However, the design does not limit WebSocket to HTTP, and future
implementations could use a simpler handshake over a dedicated port
without reinventing the entire protocol.
换句话说,对于HTTP和HTTPS,已经存在一个庞大的基础结构(代理,防火墙,缓存和其他中介).为了增加被广泛采用的机会,WebSocket协议旨在允许对现有基础结构进行调整和扩展,而无需重新创建所有内容以在专用端口上支持新协议.
In other words, there is a vast infrastructure for HTTP and HTTPS that already exists (proxies, firewalls, caches, and other intermediaries). In order to increase the chances of being adopted widely, the WebSocket protocol was designed to allow adjustments and extensions to the existing infrastructure without having to recreate everything from scratch to support a new protocol on a dedicate port.
还必须注意,即使WebSocket协议摆脱了与HTTP兼容的握手,它仍然需要几乎等效的握手来支持现代Web的安全性要求,以便浏览器和服务器可以相互验证并安全地支持CORS(跨域请求共享).在创建实际套接字之前,甚至原始" Flash套接字也会通过安全策略请求与服务器进行握手.
It's also important to note that even if WebSocket protocol were to get rid of the HTTP compatible handshake, it would still need a handshake of almost equivalent complexity to support security requirements of the modern web so the browser and server can validate each other and to support CORS (cross-origin request sharing) securely. Even "raw" Flash sockets do a handshake with the server via the security policy request prior to creating the actual socket.
这篇关于为什么websocket需要使用HTTP进行开放式握手?为什么不能成为独立协议?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
